Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/17b57109-c3f8-4f4e-a1e4-f1969fd9dff5.roa
File: 17b57109-c3f8-4f4e-a1e4-f1969fd9dff5.roa (raw, json)
Hash identifier: eLl55BKunwbGKk8nK3xNYct5krc0d9EPumdDxYepz6o=
Subject key identifier: 67:74:7D:4C:C2:27:0D:61:C9:88:2E:EB:19:6E:C2:7A:6B:15:A4:36
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6DAD38117C65ACD4DFCF66BD7CE36319A51BFC07
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/17b57109-c3f8-4f4e-a1e4-f1969fd9dff5.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:ad:38:11:7c:65:ac:d4:df:cf:66:bd:7c:e3:63:19:a5:1b:fc:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=182b62f0f58c2b3806e5444d43e384e306375af5aac266a846ddf6fa75394860, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9a:0e:b1:0b:b6:e2:af:de:8a:90:77:6f:a1:
c2:a8:21:6a:46:c7:e4:03:5e:8a:eb:04:76:22:7b:
fe:9a:73:d7:3e:18:52:a3:6c:0a:4d:39:64:93:84:
35:ea:90:3f:8e:33:89:32:7c:50:48:31:58:a3:3f:
31:a7:d5:5d:ca:e6:7f:75:dd:22:1f:28:8e:7f:09:
11:4c:17:cb:21:20:16:f5:cd:51:36:f6:12:af:f4:
33:dc:5e:42:0b:81:c1:ec:3b:5f:bb:63:7c:ec:7a:
2a:27:96:78:e7:a1:62:cd:e2:17:b4:60:ea:76:39:
bc:8d:55:07:da:05:cc:10:89:77:21:9a:68:09:d6:
e0:6f:12:13:2e:66:64:bd:75:57:ec:9a:04:d3:0d:
50:09:51:89:2e:02:e7:55:02:04:97:fc:94:97:d6:
48:f2:05:c6:c8:19:8b:28:dd:d3:f5:0a:2f:da:97:
83:6f:ea:fa:70:83:e4:70:d1:5e:44:7b:98:2d:58:
95:39:c8:69:12:f9:be:03:77:b6:b6:6c:c6:db:f8:
d7:ba:55:a5:06:34:48:78:ff:82:73:de:16:b2:cb:
56:3d:5f:01:73:bd:be:2e:8c:29:83:dc:57:19:42:
fd:db:9c:c1:1a:bd:ae:ee:5e:3e:db:a2:cb:a6:b2:
08:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:74:7D:4C:C2:27:0D:61:C9:88:2E:EB:19:6E:C2:7A:6B:15:A4:36
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/17b57109-c3f8-4f4e-a1e4-f1969fd9dff5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
31:1b:46:e9:d3:ab:8a:d7:43:bb:fc:9c:cf:01:bb:bc:98:87:
6e:41:8e:be:c0:2c:79:61:f0:3a:01:24:b7:5e:93:96:0c:4d:
c9:fc:65:81:08:01:4e:de:4c:41:d7:e4:bc:5a:48:16:9c:96:
03:97:8e:5b:b8:b9:73:08:98:49:64:12:fe:96:d9:f1:86:70:
d6:35:2f:26:92:dd:b7:ef:08:77:3b:35:35:35:d0:09:d3:56:
1d:de:a7:78:c7:5f:2a:35:b3:09:97:17:4b:9d:e2:91:9a:53:
60:e5:ef:92:37:42:89:22:0b:10:30:77:1c:00:92:e6:66:70:
d2:e6:43:9e:bf:66:b7:73:80:c6:4b:ad:dd:48:ab:40:40:18:
96:e3:c1:d7:c8:ff:bc:fe:6d:6c:08:b9:9b:24:74:e0:b4:6c:
fd:3d:91:02:9d:cf:b9:c2:9d:25:88:6d:3b:45:0f:97:97:32:
c6:ea:1e:0b:21:30:25:90:02:2a:25:38:d7:a7:cd:24:ad:55:
ed:07:37:b1:de:3b:9f:6a:ca:0a:c2:08:18:da:e4:3b:98:66:
1e:15:04:a1:b6:4f:72:f0:70:16:02:91:5f:4e:e9:32:d1:4e:
1b:bc:6c:90:c5:df:5f:74:d3:0d:15:ec:d3:4d:a5:c5:74:9a:
cf:c2:f3:c9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUba04EXxlrNTfz2a9fONjGaUb/AcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4MmI2MmYwZjU4YzJiMzgwNmU1NDQ0ZDQzZTM4NGUzMDYzNzVhZjVhYWMy
NjZhODQ2ZGRmNmZhNzUzOTQ4NjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJqaDrELtuKv3oqQd2+hwqghakbH5ANeiusEdiJ7/ppz1z4YUqNsCk05ZJOE
NeqQP44ziTJ8UEgxWKM/MafVXcrmf3XdIh8ojn8JEUwXyyEgFvXNUTb2Eq/0M9xe
QguBwew7X7tjfOx6KieWeOehYs3iF7Rg6nY5vI1VB9oFzBCJdyGaaAnW4G8SEy5m
ZL11V+yaBNMNUAlRiS4C51UCBJf8lJfWSPIFxsgZiyjd0/UKL9qXg2/q+nCD5HDR
XkR7mC1YlTnIaRL5vgN3trZsxtv417pVpQY0SHj/gnPeFrLLVj1fAXO9vi6MKYPc
VxlC/ducwRq9ru5ePtuiy6ayCCcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRndH1M
wicNYcmILusZbsJ6axWkNjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTdiNTcxMDktYzNmOC00ZjRlLWExZTQtZjE5NjlmZDlkZmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQAxG0bp06uK10O7/JzPAbu8mIduQY6+wCx5YfA6ASS3
XpOWDE3J/GWBCAFO3kxB1+S8WkgWnJYDl45buLlzCJhJZBL+ltnxhnDWNS8mkt23
7wh3OzU1NdAJ01Yd3qd4x18qNbMJlxdLneKRmlNg5e+SN0KJIgsQMHccAJLmZnDS
5kOev2a3c4DGS63dSKtAQBiW48HXyP+8/m1sCLmbJHTgtGz9PZECnc+5wp0liG07
RQ+XlzLG6h4LITAlkAIqJTjXp80krVXtBzex3jufasoKwggY2uQ7mGYeFQShtk9y
8HAWApFfTuky0U4bvGyQxd9fdNMNFezTTaXFdJrPwvPJ
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:27 2024 by rpki-client on console-ams.rpki-client.org